I am trying to design a registration form that requests the user to enter their username and e-mail address.
I have been told that when a user attempts to register a username and/or e-mail address that is already registered in the database (or even recover their forgotten username and password), then the error message should not reveal if the e-mail is in fact already registered on the site?
I have bee told the validation/ error message should be a generic message rather than telling the user their e-mail is already registered on the site database.
I am not sure what to display to the user, if they attempt to register an e-mail address that is already registered.
What is the current school of thought on this issue?
Quite a silly requirement - you don't want a registration form to fail for 'no reason', you're just going to have huge abandonment.
If this is for a client, recommend that they reconsider. If it's for an assignment, just do it, because lets be honest, most assignments have ridiculous requirements anyway.